Disaster Recovery Plan: Analysis of the Planning Philosophy

Do you need this or any other assignment done for you from scratch?
We have qualified writers to help you.
We assure you a quality paper that is 100% free from plagiarism and AI.
You can choose either format of your choice ( Apa, Mla, Havard, Chicago, or any other)

NB: We do not resell your papers. Upon ordering, we do an original paper exclusively for you.

NB: All your data is kept safe from the public.

Click Here To Order Now!

Explanation:

Introduction

On September 11, 2001, the terrorist attack destroyed the World Trade Center in New York, which was the most profoundly focused financial territory. This attack destroyed the twin towers, as well as demolished the financial system. Banks situated in the World Trade Center experienced an uncommon disaster. The company’s backup facilities which were excessively close to the essential facilities were disrupted as the essential facilities. Single points of disappointment in saw diverse directing resulted in flopped backup communications systems. Because of the terrorist attacks of 9/11, there is significantly increased focus on the disaster recovery plan. (Robert Bronner, 1997) According to Robert Bronner, banks were among the earliest adopters of information innovation in the business world. The general use of information innovation in the bank system constrained a new industry – the disaster recovery industry. A disaster recovery plan is an essential piece of a bank’s business continuity plan. It is a process or set of procedures that assist firms get ready for disruptive events.

The objective of the plan is to recoup and ensure business IT facilities, such as the network, document management system, and center system, in disruptive events. Those events incorporate both natural disasters such as seismic tremors and man-made disasters such as power outages. It is impossible that a bank can always keep away from disasters, so the disaster recovery plan plays a vital part after a bank suffer a disaster. A cautious plan will effetely assist the bank to limit downtime and data loss by ensuring some level of organizational stability and a system recovery after a disaster will win. The Automated Clearinghouse Association was shaped by 7 Philadelphia-based banks in the mid-1970s for the sole purpose focus on the best way to deal with bank data recovery when bank computer systems go down. This group started the disaster recovery industry in 1987 by SunGard Recovery Services.

The importance of a disaster recovery plan

The disaster recovery plan is essential to the bank because the benefits it can get from drafting of a disaster recovery plan.

The basic benefits of a disaster recovery plan incorporate (‘disaster recovery plan’):

  1. Providing a sense of security
  2. Minimizing risk of delays
  3. Guaranteeing the reliability of standby systems
  4. Providing a standard for testing the plan
  5. Minimizing decision-making amid a disaster
  6. Reducing potential legal liabilities
  7. Lowering unnecessarily stressful work environment

Disaster recovery plan is a critical proactive way to deal with banks. Because the objective of the disaster recovery plan ensures the bank do limit loss amid the disaster, planning is vital to the disaster recovery plan. The kind of disaster recovery plan can be an assortment; however, every one of them should take after three basic measures (1) preventive measures, (2) detective measures, and (3) corrective measures. The purpose of the first measures is to keep a disaster from happening. This measure is focused on distinguishing and diminishes risks. Preventive intended to stop a disaster from happening. These measure endeavor to recognize the risks previously it happens and decrease the happen proportion. To accomplish the anticipation purpose, the measures may incorporate keeping data backed up and off-site, using surge protectors, installing generators, and leading routine inspections. Detective measures are used to discover the presence of any undesirable events among the IT infrastructure. They focus on unfound new potential threats.

These measures incorporate installing fire alarms, using up-to-date antivirus software, holding representative instructional courses, and installing server and network observing software. The system which is focused on restores a system after a disaster or otherwise undesirable occasion takes put is corrective measures. Their measures may incorporate keeping critical documents in the Disaster Recovery Plan or securing appropriate insurance policies, after a ‘lessons got the hang of’ brainstorming session. (‘Disaster recovery plan’) Banking industry positively needs the Disaster Recovery Plan. The research shows that among 170 disasters recoveries, 45 were for banks in the last 10 years. (Robert Bronner, 1997) In 2012, tropical storm Sandy highlights the bank’s requirement for disaster recovery planning. Sandy struck the East Coast of Manhattan, where is the area of Wall Street. Many banks’ headquarter situated on the East Coast, such as Citi and Bank of American, were flooded submerged. The financial markets in New York City were closed for no less than two days cause loss of millions of dollars. Disasters are startling and costly, so the planning is critical for the bank to diminish loss from disasters.

Disaster recovery is of specific importance for the banks than different businesses because of the immense request for services amid times of group disaster. The normal bank is multi-plat framed, with various locations and shifted operations and computer applications. For instance, Chase Bank has more than 19,500 ATMs and 5,600 branches across the nation. Mergers and acquisitions make the bank confronting a more confounding situation. Mergers and acquisitions have caused banks to persevere through more various types of applications. Basically, banks run 20 to 30 critical applications simultaneously. At the point when organizations merger or are obtained, a bank may run 40 to 60, twofold than some time recently, critical application at the same time. Moreover, because the bank’s worldwide extending, the bank’s operations turn out to be more decentralized that expands their compass past the back office into satellite locations. Last, banks are still depending intensely on paper.

For instance, the bank often needs the copy for its customers’ copy of ID. On the off chance that a bank suffers a disaster, what might happen to these decentralized operations and complex applications? What happens to the many paper transactions in branches that have not entered the central system? As soon as the disaster happened, regardless of its man-made or natural, despite its nearby or country, it can disrupt critical business operations significantly for a considerable length of time and sometimes months. Exhaustive planning can shorten recovery time drastically and continue banking operations continuously. (Robert Bronner, 1997)

The planning philosophy

As indicated by Geoffrey H. Wold of the Disaster Recovery Planning Process, 1997, a coordinated plan should incorporate 10 steps

1. Acquire Top Management Commitment

Top management in the bank must support and include when building up a disaster recovery plan. Management has the responsibility to supervise the plan creating the process and affirm the last disaster recovery planning is compelling inside the bank. The process of building up the plan should sufficiently incorporate time and satisfactory material resources. Resources could incorporate both financial considerations and the exertion of all personnel included. This process requires the bank to contract taught managers who have to learn about disaster recovery. In the event that the best supervisor doesn’t think about disaster recovery, the last disaster recovery plan, which has the cooperation of the best director, can be poor.

2. Establishing a planning panel

After the draft of the disaster recovery plan is finished, the bank needs to fabricate a planning board of trustees. The function of the planning board of trustees is overseeing the improvement and usage of the disaster recovery plan. The planning should consider every single functional region of the organization and impact represent them. The board members should incorporate the operations supervisor and the data processing administrator. The worker is the first thing the bank should consider when develops a disaster recovery plan. What worker most worry about? The safety of families and personal property. As long as those two areas are safe, the representative can focus on the safety of the business and its customers’ property. So when the management making the disaster recovery plans, they should incorporate essentials such as shelter, restorative insurance, pension, as well as counseling and information on the disaster recovery plan. The council should ensure the last disaster recovery plan incorporate a plan to ensure the safety of the representative’s family and property.

3. Play out a risk assessment

Risk analysis and business affect analysis are imperative parts of planning advisory group. They should contain the scope of possible disasters for natural, technical, and human threats. The council should analyze each functional zone of the organization’s potential consequence and impact associated with various disaster scenarios. Besides, the safety of critical document and vital records should be assessed, as well. For instance, fire always is considered the greatest danger to an organization, such a large number of banks purchase the fire insurance. Be that as it may, even the surge is occasionally, it still has an opportunity to happen. One reason the Sandy cost colossal loss is many banks situated on Wall Street doesn’t have purchased insurance for the surge. The disaster recovery plan should consider the ‘worst case’ situation.

4. Establish priorities for processing and operations

Critical needs are the necessary equipment and procedures used to recover the daily operations of a department, such as main facility or computer center when it suffered a disaster. The critical needs for each department within a bank should evaluate the areas include: functional operations, key personnel, information, processing systems, service, documentation, vital records, policies, and procedures. Analysis the processing and operations to decide the maximum amount need f time each department of the bank can operate without each critical system. To determining the critical needs of a department, the bank can document all the functions performed by every department.

As soon as the primary functions have been determined, the operations and processes should be ranked in the order of essential, important, and non-essential. (Robert Bronner, 1997) Location is the first critical consideration of a recovery plan. A bank’s recovery plan should include geographically independent relocations sites for every workgroup. (Robert Bronner, 1997) The consideration of the location include whether it is easy to access to other facilities, Data center professionals may work in an urban area and be more willing to travel or relocate. The recovery locations should be planned both for the data center environment and satellite locations.

5. Determine Recovery Strategies

The researched and evaluated processing alternatives are the most practical alternatives for processing. In order to make an effective recovery strategy, the bank must consider facilities, hardware, software, communications, data files, customer services, user operations, MIS, End-user systems, and other processing operations of the organization. Furthermore, the bank should consider its computer function. Hot sites, warm sites, cold sites, reciprocal agreements, tow data center, consortium arrangement, and vendor-supplied equipment are the alternatives for evaluation of the computer function. The third elements should be prepared is the written agreements for the specific recovery. The example of special considerations includes: contract duration, termination conditions, testing, costs, special security procedures, notification of system changes, hours of operation, and specific hardware and other equipment required for processing.

6. Perform Data Collection

The basic data collected for disaster recovery plan includes backup position listing, critical telephone numbers, communications inventory, distribution register, various types of inventory, master call list and vendor list, notification checklist, software and data files backup/retention schedules, temporary location specifications, and materials and documentation. That information is helpful to develop pre0formatted forms to facilitate the data gathering process. According to Robert F Bronner of the banking industry and disaster recovery plan, 1997: the inside data center is no longer enough for the bank, with the expansion of bank, the bank needs the data beyond the inside data center.

The remote of the working group of the remote locations should be part of the entire disaster recovery plan. The equipment and system in the remote locations should be accounted in the recovery plan. What is more, business recovery move advance to restoring and recreating the business process? For example, the ‘quick ship’ type of program that allows them to ship personal computers and related equipment to a designated recovery site within 48 hours of the declared disaster.

7. Organize and document a written plan

The disaster plan should be written in a standard form. The plan should include an outline of the plan’s contents. The management should review and approve the outline. Then, the procedures and the documentation should be written in the plan based on the standard format. It is helpful to create a consistent format and allows for continuing maintenance of the disaster recovery plan. The plan should be used before, during, and after a disaster. It should include methods for maintaining and updating the plan to reflect any significant internal, external or systems changes and structured using a team approach.

8. Develop testing criteria and procedures

After a disaster plan is created, it should be tested and evaluated on a regular basis. The tests will provide the organization with the assurance that all necessary steps are included in the plan. Furthermore, it helps to determine the feasibility and compatibility of backup facilities and procedures, identifying areas in the plan that need modification, providing training to the team managers and team members, demonstrating the ability of the organization to recover, and providing motivation for maintaining and updating the disaster recovery plan.

9. Test the Plan

After testing criteria have been completed, the bank should test the disaster recovery plan. A good bank’s recovery plan doesn’t mean it works well in the reality. The test will provide additional information about the continuing steps, reasonable adjustments to the original plan. Each functional department of the bank should be tested. The bank’s size and rate of organizational change decide the frequency of testing. Usually, small banks have a low frequency of testing; they may do testing once per year. Larger banks have high frequency; they perform exercises two or three times a year or stretch an annual test over several days. There are four main types of tests: checklist test, simulation test, parallel tests, and full interruption tests. The actual disaster is a true test to the bank. It is similar to simulation tests but more authentic than the simulation tests. Banks should document recovery efforts, evaluate results, and refine plans accordingly carefully.

10. Approve the plan.

The last step of making disaster recovery plan is approving the plan. After the written and tested, the plan should be approved by top management. The top management has responsibility for establishing policies and comprehensive contingency planning. Also, the management should review and approve the contingency plan annually and writes a review paper for the plan. If the information comes from a service bureau, management should evaluate the adequacy of contingency plans for its service bureau and ensure that its contingency plan is compatible with its service bureau’s plan.

Conclusion

With the expansion of the financial industry, banks become more sophisticated technology users; the disaster recovery plan will play a more important role in the banking sector. The bank’s disaster recovery plan can help the bank to mine the loss due to an unexpected disaster and recover the bank back to use as soon as possible, but it acquired the bank to plan a disaster recovery plan system effectively before the disaster happens. An effective disaster plan is made under the strict requirement in operating in planning, assessment, writing, and testing process. Nobody can estimate when the disaster will come, the disaster recovery plan is both a prevention method and insurance to decreasing the potential exposures and recover the organization for the bank.

Reference

  1. Bronner, Robert F. (2013). ‘Banking Industry and Disaster Recovery Planning. Wikimedia Foundation.
  2. Wold, Geoffrey H. (2013). ‘Disaster Recovery Planning Process Part 1 of 3.’ Oxford Press. London.
  3. Disaster Recovery Plan. (2017) ‘ Wikipedia. Wikimedia Foundation, December 2017
Do you need this or any other assignment done for you from scratch?
We have qualified writers to help you.
We assure you a quality paper that is 100% free from plagiarism and AI.
You can choose either format of your choice ( Apa, Mla, Havard, Chicago, or any other)

NB: We do not resell your papers. Upon ordering, we do an original paper exclusively for you.

NB: All your data is kept safe from the public.

Click Here To Order Now!